Layer 7 Identity Management

Expand all | Collapse all

Automatically revocation of a user service

Jump to Best Answer
  • 1.  Automatically revocation of a user service

    Posted 07-24-2018 10:50 AM

    Hi,
    We have an issue regarding Identity Manager and Services.
    In our environment users could have one or more Services.

    When a user is disabled (the disable flag in the user directory is set), we notice that the disabled user keeps having the Services.
    Identity Manager does not automatically revoke user services prior to disabled him.

    This is a problem for the company, because it keeps the door opened to possible security issues.

    For this reason we have the following question:
    Is there any way to automatically revoke user sevices when the user is disabled?
    We haven't found a way to do it in the Service configuration, or via Policy Xpress.

     

    Regards



  • 2.  Re: Automatically revocation of a user service
    Best Answer

    Posted 07-25-2018 11:01 AM

    One thought might be to look at using a PX Policy on user disablement that triggers a TEWS (Soap) call back into IM to perform a remove service type task.



  • 3.  Re: Automatically revocation of a user service

    Posted 07-25-2018 03:30 PM

    Thanks for the reply,

    We are trying your suggestion: revoking the service via tews.

     

    Now we opened a new question, because we have a problem with the web service

    https://communities.ca.com/message/242130562-tews-service-revocation

     

    Kind regards